package com.hifar.sso.util;

/**
 * SSO常量定义
 * 
 * @author system
 * @since 1.0.0
 */
public class SSOConstants {
    
    // 令牌过期时间（秒）
    public static final Long TOKEN_EXPIRE_TIME = 24 * 60 * 60L; // 24小时
    
    // 授权码过期时间（秒）
    public static final Long AUTH_CODE_EXPIRE_TIME = 10 * 60L; // 10分钟
    
    // 刷新令牌过期时间（秒）
    public static final Long REFRESH_TOKEN_EXPIRE_TIME = 7 * 24 * 60 * 60L; // 7天
    
    // 会话过期时间（秒）
    public static final Long SESSION_EXPIRE_TIME = 30 * 60L; // 30分钟
    
    // 令牌类型
    public static final String TOKEN_TYPE_BEARER = "Bearer";
    
    // 授权类型
    public static final String GRANT_TYPE_AUTHORIZATION_CODE = "authorization_code";
    public static final String GRANT_TYPE_PASSWORD = "password";
    public static final String GRANT_TYPE_CLIENT_CREDENTIALS = "client_credentials";
    public static final String GRANT_TYPE_REFRESH_TOKEN = "refresh_token";
    
    // 响应类型
    public static final String RESPONSE_TYPE_CODE = "code";
    public static final String RESPONSE_TYPE_TOKEN = "token";
    
    // 作用域
    public static final String SCOPE_READ = "read";
    public static final String SCOPE_WRITE = "write";
    public static final String SCOPE_ADMIN = "admin";
    public static final String SCOPE_OPENID = "openid";
    public static final String SCOPE_PROFILE = "profile";
    public static final String SCOPE_EMAIL = "email";
    
    // 错误代码
    public static final String ERROR_INVALID_REQUEST = "invalid_request";
    public static final String ERROR_INVALID_CLIENT = "invalid_client";
    public static final String ERROR_INVALID_GRANT = "invalid_grant";
    public static final String ERROR_UNAUTHORIZED_CLIENT = "unauthorized_client";
    public static final String ERROR_UNSUPPORTED_GRANT_TYPE = "unsupported_grant_type";
    public static final String ERROR_INVALID_SCOPE = "invalid_scope";
    public static final String ERROR_ACCESS_DENIED = "access_denied";
    public static final String ERROR_SERVER_ERROR = "server_error";
    public static final String ERROR_TEMPORARILY_UNAVAILABLE = "temporarily_unavailable";
    
    // 错误描述
    public static final String ERROR_DESC_INVALID_REQUEST = "请求参数无效";
    public static final String ERROR_DESC_INVALID_CLIENT = "客户端认证失败";
    public static final String ERROR_DESC_INVALID_GRANT = "授权无效";
    public static final String ERROR_DESC_UNAUTHORIZED_CLIENT = "客户端未授权";
    public static final String ERROR_DESC_UNSUPPORTED_GRANT_TYPE = "不支持的授权类型";
    public static final String ERROR_DESC_INVALID_SCOPE = "作用域无效";
    public static final String ERROR_DESC_ACCESS_DENIED = "访问被拒绝";
    public static final String ERROR_DESC_SERVER_ERROR = "服务器错误";
    public static final String ERROR_DESC_TEMPORARILY_UNAVAILABLE = "服务暂时不可用";
    
    // HTTP状态码
    public static final int HTTP_OK = 200;
    public static final int HTTP_CREATED = 201;
    public static final int HTTP_NO_CONTENT = 204;
    public static final int HTTP_BAD_REQUEST = 400;
    public static final int HTTP_UNAUTHORIZED = 401;
    public static final int HTTP_FORBIDDEN = 403;
    public static final int HTTP_NOT_FOUND = 404;
    public static final int HTTP_METHOD_NOT_ALLOWED = 405;
    public static final int HTTP_CONFLICT = 409;
    public static final int HTTP_INTERNAL_SERVER_ERROR = 500;
    public static final int HTTP_BAD_GATEWAY = 502;
    public static final int HTTP_SERVICE_UNAVAILABLE = 503;
    
    // 默认客户端配置
    public static final String DEFAULT_CLIENT_ID = "sso-client";
    public static final String DEFAULT_CLIENT_SECRET = "sso-secret";
    public static final String DEFAULT_REDIRECT_URI = "http://localhost:8080/callback";
    
    // 缓存键前缀
    public static final String CACHE_PREFIX_TOKEN = "sso:token:";
    public static final String CACHE_PREFIX_REFRESH_TOKEN = "sso:refresh:";
    public static final String CACHE_PREFIX_AUTH_CODE = "sso:authcode:";
    public static final String CACHE_PREFIX_USER_SESSION = "sso:session:";
    public static final String CACHE_PREFIX_USER_PERMISSIONS = "sso:permissions:";
    public static final String CACHE_PREFIX_USER_ROLES = "sso:roles:";
    
    // 请求头
    public static final String HEADER_AUTHORIZATION = "Authorization";
    public static final String HEADER_CONTENT_TYPE = "Content-Type";
    public static final String HEADER_ACCEPT = "Accept";
    public static final String HEADER_USER_AGENT = "User-Agent";
    public static final String HEADER_X_FORWARDED_FOR = "X-Forwarded-For";
    public static final String HEADER_X_REAL_IP = "X-Real-IP";
    
    // 参数名
    public static final String PARAM_CLIENT_ID = "client_id";
    public static final String PARAM_CLIENT_SECRET = "client_secret";
    public static final String PARAM_RESPONSE_TYPE = "response_type";
    public static final String PARAM_REDIRECT_URI = "redirect_uri";
    public static final String PARAM_SCOPE = "scope";
    public static final String PARAM_STATE = "state";
    public static final String PARAM_CODE = "code";
    public static final String PARAM_GRANT_TYPE = "grant_type";
    public static final String PARAM_USERNAME = "username";
    public static final String PARAM_PASSWORD = "password";
    public static final String PARAM_REFRESH_TOKEN = "refresh_token";
    public static final String PARAM_ACCESS_TOKEN = "access_token";
    
    // 会话属性
    public static final String SESSION_USER = "user";
    public static final String SESSION_CLIENT_ID = "clientId";
    public static final String SESSION_AUTH_CODE = "authCode";
    public static final String SESSION_ACCESS_TOKEN = "accessToken";
    public static final String SESSION_REFRESH_TOKEN = "refreshToken";
    
    // 用户状态
    public static final int USER_STATUS_DISABLED = 0;
    public static final int USER_STATUS_ENABLED = 1;
    public static final int USER_STATUS_LOCKED = 2;
    public static final int USER_STATUS_EXPIRED = 3;
    
    // 角色类型
    public static final String ROLE_ADMIN = "admin";
    public static final String ROLE_USER = "user";
    public static final String ROLE_GUEST = "guest";
    
    // 权限类型
    public static final String PERMISSION_READ = "read";
    public static final String PERMISSION_WRITE = "write";
    public static final String PERMISSION_DELETE = "delete";
    public static final String PERMISSION_ADMIN = "admin";
    
    // 日志类型
    public static final String LOG_TYPE_LOGIN = "login";
    public static final String LOG_TYPE_LOGOUT = "logout";
    public static final String LOG_TYPE_TOKEN_REFRESH = "token_refresh";
    public static final String LOG_TYPE_TOKEN_REVOKE = "token_revoke";
    public static final String LOG_TYPE_AUTHORIZATION = "authorization";
    
    // 安全配置
    public static final int MAX_LOGIN_ATTEMPTS = 5;
    public static final int LOCKOUT_TIME = 30 * 60; // 30分钟
    public static final int PASSWORD_MIN_LENGTH = 6;
    public static final int PASSWORD_MAX_LENGTH = 20;
    
    // 正则表达式
    public static final String REGEX_USERNAME = "^[a-zA-Z0-9_]{3,20}$";
    public static final String REGEX_EMAIL = "^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$";
    public static final String REGEX_PHONE = "^1[3-9]\\d{9}$";
    public static final String REGEX_PASSWORD = "^(?=.*[a-zA-Z])(?=.*\\d)[a-zA-Z\\d@$!%*?&]{6,20}$";
    
    // 日期格式
    public static final String DATE_FORMAT_DEFAULT = "yyyy-MM-dd HH:mm:ss";
    public static final String DATE_FORMAT_ISO = "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'";
    public static final String DATE_FORMAT_SHORT = "yyyy-MM-dd";
    public static final String DATE_FORMAT_TIME = "HH:mm:ss";
}